Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
This requires subclasses of Device to implement its full interface.
It also makes the compiler complain if there is a difference between
the interface in Device and its subclasses. The drawback is that
all Devices are required to implement all methods, but that is an
easy hurdle to overcome. This change found the discrepancies between
the Device, NativeDevice and TraceDevice interfaces fixed in the
previous commits.
|
|
Several previous updates to the Device interface required updates
to TraceDevice but were forgotten.
|
|
|
|
|
|
|
|
|
|
Not popping causes assert to be triggered in fz_draw_end_group().
|
|
Abstract methods in interfaces offer no implementation and are
implicitly declared public, making a public access modifier
redundant.
|
|
|
|
|
|
|
|
|
|
Not popping causes assert to be triggered in fz_draw_end_group().
|
|
|
|
|
|
This makes it possible to change the colorspace when encountering
ICC colorspaces.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Unlikely that this could be an issue, but lets add it for safety.
|
|
|
|
Ensure that the generated libmupdf includes all library
dependencies within it. This makes life easier for people linking
MuPDF into their own projects as there is just one lib to include
rather than a range of them that vary according to condfiguration.
Fix 64bit Memento builds of libpkcs7.
Remove double definitions of jpeg_get_small etc that are now
shown up because of the libraries being merged into one.
|
|
Previously there was no visibility as to what the error was.
|
|
fz_fill_path() may throw an exception halfway through
pdf_show_path(), which in this case would not attempt to end any
begun groups or softmasks. This led to e.g. leaks of pixmaps held
by a group that was never ended.
Moving the cleanup to the always block is not foolproof because
the cleanup code itself may also throw exceptions, hence
preventing the end of the fz_always block from being executed.
This commit does put pdf_show_path() in the same situation as
pdf_run_xobject() that has the same problem with its cleanup
code.
Thanks to oss-fuzz for reporting.
|
|
fz_open_jbig2d() is called at two locations in MuPDF. At one
location a reference to the JBIG2 globals struct was taken before
passing it to fz_open_jbig2d(). At the other location no such
reference was taken, but rather ownership of the struct was
implicitly transferred to fz_open_jbig2d(). This inconsistency
led to a leak of the globals struct at the first location.
Now, passing a JBIG2 globals struct to fz_open_jbig2d() never
implictly takes ownership. Instead the JBIG2 stream will take a
reference if it needs it and drops it in case of error. As usual
it is the callers responsibility to drop the reference to the
globals struct it owns.
|
|
JBIG2 images are detected by build_compression_params() and then
always passed to fz_open_image_decomp_stream() by build_filter().
Therefore there is no chance for build_filter() at a later stage
to detect JBIG2 images, and so that check can be removed.
|
|
|
|
|
|
When painting images using interpolation 16.16 fixpoint
arithmetics is used. This limits the width/height of any
image that can be painted to 32767. There was no size check,
so large images caused overflow and subsequent out of bounds
accesses which triggered MSAN. This c
Thanks to oss-fuzz for reporting.
|
|
Previously this would result in trying to dereference a NULL pointer.
Thanks to oss-fuzz for reporting.
|
|
Previously a value of 0 would cause the document not to be rendered.
|
|
The signer object now has an extra method that informs the caller of
the maximum size the digest might be. This is used to allocate space for
the digest within the file and to size some of the buffers used in the
code.
The openssl-based inplementation of the signer object has been updated to
perform a test digest generation so as to find the size needed. We
believe that the digest size is indendent of the hashed data.
|
|
|
|
Avoid pdf_pass_event interacting with widgets that have the read-only
field set.
|
|
pdf_show_pattern() may resize the pdf run processors gstate array. In doing
so any pointers to it saved by called will become stale. Similarly to
pdf_begin_group() pdf_show_pattern() now returns the updated pointer to the
top of the gstate stack.
For the same reason pdf_show_pattern() can not be given a pointer to a gstate
stack entry and continue using it after the gstate array has been resized. So,
have pdf_show_pattern() take an index to the desired state instead.
|
|
The leak was triggered by the PDF from 699576, but this
commit does not fully fix that bug.
|
|
This was used to prevent infinite cycles in the Type3 font CharProcs,
but the previous commits forbids all cycles in order to prevent memory
leaks due to cyclic reference counts.
|
|
Thanks to oss-fuzz for reporting.
|
|
build_filter_chain_drop() promises to extend (according to the
fs argument) the filter chain it is given, or in case of exception
throw away the at that point potentially extended filter chain it
was given from the beginning.
Because build_filter_chain_drop() calls build_filter_drop() for
every filter it adds it doesn't need to do any cleanup of the
filter chain on its own, that's build_filter_drop()'s responsibility.
Prior to this commit fz_catch() in build_filter_chain_drop() which
would drop the filter chain one time too many (it was already dropped
by build_filter_drop()), causing the callers to use a stale pointer.
Now once the extra fz_drop_stream() has been removed the logic works
as it ought to, even in the case of exceptions. Thanks to oss-fuzz
for reporting.
|